Risk Assessment for Cooperative Automated Driving

Global investment and recent advancements in vehicle automation are making autonomous and cooperative automated driving (AD) a reality. Not only will automated vehicles incorporate more electronics and connectivity than ever before, but also, notably, they will transfer control and responsibility of monitoring the environment from a human driver to a robotic system. While prior work has assessed and provided security solutions for non-automated vehicles, there is much to understand regarding the security implications of AD. In this work, we begin to address this gap in understanding. This paper reports on a risk assessment framework for autonomous and cooperative AD. We aggregate the state of the art in AD research to define a reference architecture for automated vehicles, describing the new attack surfaces and data flow. Employing existing automotive threat models, we propose a novel application-based threat enumeration and analysis approach that is able to address different AD applications across all levels of automation. We demonstrate this framework with an example application assessment and summarize the results and security insights from analyses of other applications. The results of our risk assessment and future assessments with this framework will inform on the design of security solutions and secure architectures for production AD systems.